imagekrazy
asked on
How to do a Member login page on web site
What is the least complicated way of doing a member login page for a web site
1) You need a database
2) You get the users to register
3) On login you check if there is a match in the database
4) If there is a match you create a session variable
5) On every page you want to protect you check if the session variable is set.
On top of that you can have email verification code sent to the new member to make sure their email address is valid etc.
on good script for that is vSignup 2.5 available here http://www.beanbug.net/vScripts.php
2) You get the users to register
3) On login you check if there is a match in the database
4) If there is a match you create a session variable
5) On every page you want to protect you check if the session variable is set.
On top of that you can have email verification code sent to the new member to make sure their email address is valid etc.
on good script for that is vSignup 2.5 available here http://www.beanbug.net/vScripts.php
Whenever I see if (isset($_POST['submit'])) in code I know the developer is an idiot. Use that at your own risk.
I have an appointment or I'd tell you how to fix that code the link points to.
Won't be back for several hours, so if you can't wait, use the code posted then I'll tell you how much you are going to need to re-write for it to be secure.
If $_SERVER["REQUEST_METHOD"]
Regards,
Rod
I have an appointment or I'd tell you how to fix that code the link points to.
Won't be back for several hours, so if you can't wait, use the code posted then I'll tell you how much you are going to need to re-write for it to be secure.
If $_SERVER["REQUEST_METHOD"]
Regards,
Rod
ASKER
Hello Gamebits, thank you for the check list, and i went to the page and downloaded what i think is login page, my question is , the databse file, what is a good program to work with the databse files, what do you recommend ?
The database used by vSignup is MySQL if you host your webpage on a commercial host providing PHP they usualy have MySQL setup and most of them use PhpMyAdmin to interact with the database, I like it.
A good resource for learning about this, and much, much more is this excellent book from SitePoint. Read the description of it and you will probably find that you want to invest a couple of months in working through the examples. They have an online code library you can copy and paste. It won't make you a professional programmer, but you will have a lot of fun and you will learn a lot from it. It's now in its fourth printing and has been a part of my professional library since Version One.
http://www.sitepoint.com/books/phpmysql4/
That said, consider using OpenID - the last thing your customers need is another password to remember, y'know?
best regards, ~Ray
http://www.sitepoint.com/books/phpmysql4/
That said, consider using OpenID - the last thing your customers need is another password to remember, y'know?
best regards, ~Ray
Using Classic ASP, Access Database (SQL Server and MySQL and Oracle can be used as well) and cookies.
As well as: XSS and SQL Injection prevention.
http://ee.cffcs.com/Q_24252782/login.asp
code
http://ee.cffcs.com/Q_24252782/Q_24252782.zip
I am sure that you will like it, very detailed and easy to understand.
Carrzkiss
As well as: XSS and SQL Injection prevention.
http://ee.cffcs.com/Q_24252782/login.asp
code
http://ee.cffcs.com/Q_24252782/Q_24252782.zip
I am sure that you will like it, very detailed and easy to understand.
Carrzkiss
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://php.about.com/od/finishedphp1/ss/php_login_code_3.htm